Advanced Linux System Administra on
Topic 11. Network administra on (Introduc on).
Pablo Abad Fidalgo José Ángel Herrero Velasco
Departamento de Ingeniería Informá ca y Electrónica
Este tema se publica bajo Licencia: Crea ve Commons BY-NC-SA 4.0 Index
• Introduc on (TCP/IP). • Network Interface. • Link Layer. • Network Layer. • Monitoring/Test. Introduc on (TCP/IP)
• Protocol “Suite”, a set of protocols designed to implement interconnec on networks: – Origin: research project of the USA defense department (ARPANET). • Mul ple components, arranged hierarchically (stack).
arp ssh, h p Gaming traceroute Applica on Layer
TCP UDP Transport Layer
IP ICMP Network Layer
ARP, drivers Link Layer
Copper, fiber, wireless Physical Layer Introduc on (TCP/IP)
• Protocol “Suite”, a set of protocols designed to implement interconnec on networks: – Origin: research project of the USA defense department (ARPANET). • Mul ple components, arranged hierarchically (stack): – UDP, User Datagram Protocol, unverified, one-way data delivery. – TCP, Transmission Control Protocol, reliable, full duplex, flow controlled, error corrected conversa ons. – IP, the Internet Protocol, routes data packets from one machine to another. – ICMP, the Internet Control Message Protocol, provides low level support for IP: error messages, rou ng assistance, debugging. – ARP, Address Resolu on Protocol, translates IP addresses into HW address (MAC). Introduc on (TCP/IP)
• Encapsula on: – Data travels on the network in the form of packets, bursts of data with a maximum length imposed by the link layer. – Each packet consists of a header and a payload: • Header: includes Source-Des na on and protocol informa on. • Payload: the informa on (Data). – As a packet travels down the TCP/IP protocol stack, each protocol adds its own header informa on.
Ethernet Header IP Header UDP Header Applica on Data CRC Eth. 14 bytes 20 bytes 8 bytes 100 bytes 4 bytes UDP Packet (108 bytes) IP Packet (128 bytes) Ethernet Packet (146 bytes) Introduc on (TCP/IP)
• Packet Addressing: mul ple addressing schemes (at different layers): – HW Addressing (link layer): • Each net interface has one MAC addr that dis nguishes it in the physical network. • Ethernet Network: 6 byte direc on (2-digit hex bytes: 00:50:8D:9A:3B:DF). – IP Addressing (IPv4: 216.58.211.196): • Iden fies the network interface in Internet. Unique at global level* (NAT & private addr). • Physical Address – IP address mapping: ARP protocol. – Hostname Addressing: • Number-based direc ons hard to remember (216.58.211.196 ??). Name mapping. • File mapping ( /etc/hosts) or DNS (world-wide Domain Name Server). – Ports: • IP iden fies the interface, How to iden fy ac ve services? (mul ple connec ons). • Extend IP address with port number: 16 bits iden fying a communica on channel. • Standard services (ssh, p, h p) are associated to pre-established ports ( /etc/services). Introduc on (TCP/IP)
• IP Addressing: – IPv4 vs IPv6: IPv4 limita ons (3 february 2011 no more addresses available): • https://www.google.com/intl/en/ipv6/statistics.html (may 2017, below 20%). – Types of IPv4 addresses: (32 bits divided into 4 8-bit fields a.b.c.d): • Determines which por on iden fies the network and which one the host. • Class A: (N.H.H.H) 1.x.x.x – 127.x.x.x (Apple, AT&T, Ford, US DoD…): – Network part=a, 126 nets. – Host part=b.c.d, +16 millon hosts at each net. • Class B: (N.N.H.H) 128.x.x.x – 191.x.x.x: 0.0.0.0: My own Host (NO net connec on) 0.x.x.x: One machine in our network – +16K nets, 65K hosts per net. 127.0.0.1: Loopback. Does not reach the NIC. • Class C: (N.N.N.H) 192.x.x.x – 233.x.x.x. 255.255.255.255: Bcast in local network. x.x.x.255: Bcast in specified network. • Classes D and E: 234.0.0.0 – 255.x.x.x: – Experimental networks and mul cast addressing. – Subne ng: A & B oversized, break classes into subclasses: • Part of the host iden fier is employed to iden fy the network. • Through the network mask (mapping). Index
• Introduc on (TCP/IP). • Network Interface. • Link Layer. • Network Layer. • Monitoring/Test. Network Interface
• Host / Interface: – Hosts are computers/individual systems. – Each host can have one or more network interfaces (NICs) (Cable + WIFI): • Each interface represents a connec on to a different network (different IP). • Basic network equipment: – Hubs (level OSI-1): Only interconnects wires. – Switches (level OSI-2): Ethernet level management (ARP, MAC, etc.). – Routers (level OSI-3): IP packet management, network level. – Others: traffic balancing, firewalls… • Linux does not perform net management through device files: – ethX has no device file associated ( /dev/ethX not found). – NICs are managed through kernel modules (drivers). Network Interface
• Configura on (Debian): file /etc/network/interfaces: – Establishes the configura on of network interfaces. – Allows addi onal func onality: routes*, alias, pre/post opera ons… – Fields: • auto
– *Loopback interface: • Communica on of network apps auto eth0 iface eth0 inet static hosted in the same system. address 192.168.1.132 netmask 255.255.255.0 • auth lo. network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1 Network Interface
• Configura on (Debian): – Interface configura on can be modified in a “running” system: • STEP 1. Modifica on. Edit the file ( /etc/network/interfaces or command ifconfig). • STEP 2. Re-start. ifdown/ifup or reboot the service ( /etc/init.d/networking restart). – Commands ifup/ifdown: power on/off a network interface: • Syntax: ifdown eth0 (power off eth0 card).
– Command ifconfig: net parameter configura on: • Syntax: ifconfig